Use encryption http://java.sys-con.com/node/393364
On 30/10/10 8:41 PM, "Pid" <p...@pidster.com> wrote: > On 30/10/2010 09:19, Christoph Kukulies wrote: >> Am 29.10.2010 15:29, schrieb Mark Thomas: >>> On 29/10/2010 14:19, Darryl Lewis wrote: >>>> Are you serious? >>> Completely. If you have a scheme that encrypts the database username and >>> password in server.xml and provides genuine additional security over and >>> above limiting access to server.xml to the user running Tomcat (and >>> root) I'd love to hear it. I'd also be amazed. >> Just curious: What username/password are you talking about that would be >> stored in >> server.xml? There is sth. in tomcat-users.xml. Did you mean that? > > DB username/passwords in DataSource definitions, presumably. > > > p --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
